diff options
author | Milo Winningham <milo@winningham.net> | 2019-06-21 23:29:05 -0700 |
---|---|---|
committer | Milo Winningham <milo@winningham.net> | 2019-06-22 12:43:11 -0700 |
commit | 36b25aa1c4863cc70c74fd783fb54ba44a3a128e (patch) | |
tree | ac9e2fd41654570ad177433f2b7d34c98966804a /actionpack | |
parent | a2a515d9de4ef0ddf4d78b05fcb0b838d2e1b5e3 (diff) | |
download | rails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.tar.gz rails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.tar.bz2 rails-36b25aa1c4863cc70c74fd783fb54ba44a3a128e.zip |
Add test for cookie being modified by rotation
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index d129fa717d..e4d4792de6 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -893,6 +893,19 @@ class CookiesTest < ActionController::TestCase assert_equal 45, encryptor.decrypt_and_verify(@response.cookies["foo"]) end + def test_cookie_with_hash_value_not_modified_by_rotation + @request.env["action_dispatch.signed_cookie_digest"] = "SHA256" + @request.env["action_dispatch.cookies_rotations"].rotate :signed, digest: "SHA1" + + key_generator = @request.env["action_dispatch.key_generator"] + old_secret = key_generator.generate_key(@request.env["action_dispatch.signed_cookie_salt"]) + old_value = ActiveSupport::MessageVerifier.new(old_secret).generate(bar: "baz") + + @request.headers["Cookie"] = "foo=#{old_value}" + get :get_signed_cookie + assert_equal({ bar: "baz" }, @controller.send(:cookies).signed[:foo]) + end + def test_cookie_with_all_domain_option get :set_cookie_with_domain assert_response :success |